The pink staff went forward with malicious knowledge encryption. They moved onto delicate IT methods, escalating their privileges alongside the best way, earlier than extracting delicate company knowledge and emails. The assault staff determined in opposition to finishing up any operational disruption since that they had no need to be thought of or handled like terrorists — they have been strictly in for the cash, going ahead with try to extort Springfieldshire Water Remedy for as much as £20 million.
In the meantime, over on the blue staff, incident response kicked in because the defenders put collectively a plan making an attempt to comprise the assault and restore affected methods.
Throughout this section of the train, the blue staff obtain a name from their authorized division advising them to tell the UK’s Nationwide Cyber Safety Centre and regulators in regards to the assault, warning that failures might lead to fines or legal responsibility points. Notifying companions and bringing within the experience of exterior incident response specialists turns into a significant focus for the defenders at this stage of the sport.
